(57) Abstract: The communications means
that are commonly provided for the remote
control of electronic components are utilized to
effect an exchange of parameters to facilitate a
cryptographic key exchange. The bi-directional
remote control transceivers, typically infrared
transceivers, that are commonly used to
communicate commands from the remote
control device and to communicate feedback
to the remote control device are configured
to communicate parameters between a pair
of consumer devices that are controllable
by the remote control device. In a preferred
embodiment of this invention the remote control
device contains the control means to effect
the transfer of these parameters between the
consumer devices.

Key exchange via a portable remote control device.



BACKGROUND OF THE INVENTION 

1. Field of the Invention 

This invention relates to the field of consumer electronics, and in particular to 
encryption techniques for copy and display protection for copyright material. 

2. Description of Related Art 

Digital recordings have the unique property that copies of the recorded 
material have the same quality as the original. As such, the need for an effective copy 
protection scheme is particularly crucial for the protection of copyright material that is 
digitally recorded. A number of protection schemes have been developed or proposed that 
rely upon a secure link between electronic devices. These schemes typically rely upon the 
manufacturers of the electronic devices to comply with an agreed upon standard to make the 
mass production of protected material economically infeasible. For example, a set top box 
may communicate a received broadcast to a receiving device, such as a VCR or television, in 
an encrypted form that is only decryptable by the intended receiving device. In like manner, a 
playback device, such as a VCR or DVD, communicates the material in an encrypted form 
that is only decryptable by its intended receiving device, and so on.

To effect this one-to-one encryption scheme, the proposed standards often call
for the establishment of the encrypted link via a mutual key exchange. One such key
exchange system is the "Diffie-Hellman" key-exchange algorithm, common in the art. FIG. 1
illustrates an example flow diagram for a key-exchange and subsequent encryption of content
material using the Diffie-Hellman scheme. At 110, a first device, Device A, transmits a large
prime n, and a number g that is primitive mod n, as a message 111 to a second device, Device
B, that receives n and g, at 115. Each device, at 120 and 125, generates a large random
number, x and y, respectively. At 130, Device A computes a number X that is equal to g^x
mod n; and, at 135, Device B computes a number Y that is equal to mod n. Device A
communicates X to Device B, and Device B communicates Y to Device A, via messages 131,
136, respectively. Note that the determination of x from a knowledge of g and X, and y from
a knowledge of g and Y, is computationally infeasible, and thus, an eavesdropper to the
exchange of g, n, X, and Y will not be able to determine x or y. Device A computes a key K
that is equal to mod n, at 140, and Device B computes a key K' that is equal to mod n,
at 145. Note that both K and K' are equal to g^(xy) mod n, and thus Device B knows Device A's
key, and vice versa, while an eavesdropper to the exchange of g, n, X, and Y will not know
the key, because the eavesdropper does not know x or y. This exchange of information from
which to generate the knowledge of a corresponding key is termed a key exchange.

After effecting the key exchange, Device A encrypts the content material M
150 and communicates the encrypted material Ek(M) to Device B, at 160, via
communications path 161. Because Device B's key K' is identical to the key K that is used to
encrypt the content material M 150, Device B uses key K' to decrypt the received encrypted
material Ek(M) to create a decrypted copy 150' of the content material M 150, at 165. An
eavesdropper to the communications path 161, not having a knowledge of the key K, is
unable to decrypt the encrypted material Ek(M), and thus unable to create a copy of the
content material M 150.

Note that the above described key exchange, and virtually all known secure
key exchanges, require a bi-directional transfer of information between the devices. Many
consumer electronic devices, however, are configured for a unidirectional transfer of content
material. For example, as illustrated in FIG. 2, a conventional set-top box 210 or DVD player
230 includes a wide-bandwidth transmitter for transmitting 211, 212, 231, 232 the content
material to a VCR 260 or display device 250, but rarely includes a receiver for receiving
communications from the VCR or display device. In a device such as the VCR 260 that has
bi-directional communications capabilities 251, 261, the key exchange can be effected by
multiplexing the key exchange messages 111, 131, 136 of FIG. 1 onto the same paths 251,
261 that are used to communicate content material. Note, however, that the adoption of this
multiplexing scheme for key exchange requires that the receiving device 250 contain
receiving equipment that is compatible with the transmission 261 of content material. Thus, a
conventional DVD player 230 that transmits 232 wide-bandwidth content material to the
VCR 260 will be required to also contain a wide-bandwidth receiver to receive
wide-bandwidth content-compatible transmissions 262 from the VCR to effect a key exchange,
even though the DVD player will have no other practical use for this wide-bandwidth
communications path 262. Note, also, that a switching means will be required at the VCR to
redirect the wide-bandwidth output, from the conventional connection 261 to a display device
250, to the DVD player via this newly required communications path 262. Alternatively,
additional transmitters, receivers, and communications connectors can be added to each
consumer component 210, 220, 250, 260, etc. to effect the key exchange. Each of these
options requires additional material and manufacturing costs to add the required
communications and connection equipment.

BRIEF SUMMARY OF THE INVENTION 

It is an object of this invention to provide a method and system for effecting a 
cryptographic key exchange between consumer electronic components that utilizes
communications devices and paths that are common to most consumer electronic
components. It is a further object of this invention to provide an inexpensive system for 
effecting a cryptographic key exchange between consumer electronic components. It is a 
further object of this invention to provide a method and system for effecting a cryptographic 
key exchange between consumer electronic components that is substantially independent of 
the physical location of the components. 

These objects and others are effected by utilizing the communications means 
that are commonly provided for the remote control of electronic components to effect a key 
exchange. As more sophisticated capabilities are provided for the remote control of 
equipment, most state of the art consumer electronic devices are being configured with
bi-directional infrared transceivers for receiving commands from, and providing feedback to,
the remote control device. In accordance with this invention, these bi-directional remote 
control transceivers are configured to communicate the parameters required to effect the 
cryptographic key exchange between consumer devices. The principles presented in this 
invention may also be used to transfer other parameters and information among consumer 
electronic devices. In a preferred embodiment of this invention a remote control device 
contains the control means to effect the transfer of these parameters between the consumer 
devices. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The invention is explained in further detail, and by way of example, with 
reference to the accompanying drawings wherein: 

FIG. 1 illustrates an example flow diagram of a prior art cryptographic key 
exchange technique. 

FIG. 2 illustrates an example block diagram of a prior art system of consumer 
electronic devices. 

FIG. 3 illustrates an example block diagram of a system of consumer
electronic devices with bi-directional remote control capabilities in accordance with this
invention.

FIG. 4 illustrates an example block diagram of a pair of consumer electronic
devices and a remote control device in accordance with this invention.

FIG. 5 illustrates an example flow diagram of a key exchange via a remote
control device in accordance with this invention.

Throughout the drawings, same reference numerals indicate similar or 
corresponding features or functions. 



DETAILED DESCRIPTION OF THE INVENTION 

With the increasing use of convenience features for home automation and 
integrated audio-visual systems, the traditional function of a remote control device has 
expanded to include feedback from the device being controlled. Copending U.S. patent
application "REMOTE CONTROL PROGRAM SELECTION BY GENRE", U.S. serial
number 09/282,319, filed 03/31/99 for Karen Travato, Dan Pelletier, Paul Rankin, and
Jacquelyn Martino, Attorney Docket PHA 23,644, for example, presents a remote control
device that receives program information from the television, DVD or set-top box for display
on the remote control device to facilitate a user selection among available programs, or to
present information about a program currently being viewed, and is incorporated by reference
herein. Most state of the art consumer electronic devices contain bi-directional
communications means, typically an infrared transceiver, for communicating with a remote
control device. The conventional "universal" remote control device includes such a
bi-directional transceiver that can be configured to receive infrared codes from sole-appliance
remote control devices to "learn" how to control each appliance.

FIG. 3 illustrates a collection of consumer electronic devices that are
controllable by a remote control device 390. Each consumer device, the set-top box 310, the
DVD player 330, the display device 350, and the VCR 360, contains a conventional remote
control transceiver 320 for receiving commands from, and providing feedback to a
corresponding conventional remote control transceiver 320 in the remote control device 390.
In accordance with this invention, the remote control transceiver 320 in each device is also
used to effect a cryptographic key exchange by communicating parameters to each other.
Note that although this invention is presented in the context of transferring key-exchange
parameters, any other parameters or information items may also be communicated among
devices via the remote control transceivers 320 in the light of this disclosure.

The communication of parameters between consumer electronic devices 310,
330, 350, and 360 can be effected via a direct communication between each pair of devices, 
but in a preferred embodiment, the remote control device 390 effects a relay, or store-and- 
forward function, to facilitate the parameter exchange. Typically, remote control transceivers 
320 use line-of-sight communications means, such as infrared transmissions. Often, 
consumer electronic devices are placed in close proximity to each other, with each remote 
control transceiver 320 oriented in the same direction, toward the expected location of a user 
of the remote control device 390. As such, adjacent devices are not within the line of sight of 
each other's remote control transceiver 320. Because each of the adjacent devices is, by
intent, within the line of sight of the remote control device 390, the remote control device 390 
is well suited to be a relay between the adjacent devices. Also, when the consumer devices 
are not adjacent to each other, they are often located in physically separate areas. For 
example, a home may be configured to allow a television in a bedroom to receive content 
material from a VCR that is located in a family room. By configuring the remote control 
device 390 as a store and forward relay system, the remote control device 390 can be 
configured to receive a parameter from a device in one room, then transmit the parameter to 
another device when it is brought into the proximity of the other device. It can then receive a 
parameter from the other device, and transmit it to the original device when it is brought into 
the proximity of the original device. Copending U.S. patent application, "REMOTE CONTROL
DEVICE WITH LOCATION DEPENDENT INTERFACE", U.S. serial number 09/210,416,
filed 12/11/98 for Joost Kemink and Yevgeniy Shteyn, Attorney Docket PHA 23,522
presents a remote control device whose operation is dependent upon the physical location of 
the device, and is incorporated by reference herein. Note that the parameter exchange for a 
key exchange need only occur once between the devices; thereafter, the encrypted content 
material is communicated between devices in separate rooms via the aforementioned 
conventional wide-bandwidth channels, using, for example, coaxial cable between the rooms.

FIG. 4 illustrates an example block diagram of a pair of consumer electronic 
devices 400, 500 and a remote control device 390 in accordance with this invention. Each of 
the devices 400, 500, and 390 includes a remote control transceiver 320 that is illustrated as a 
transmitter 320A and a receiver 320B. The devices 400, 500 may be any pair of consumer 
devices that have a need to transfer parameters, such as the devices 310, 330, 350, 360 of
FIG. 3. As noted above, an exchange of parameters via the consumer devices 400 and 500
may be effected in accordance with this invention via direct communication paths 401, 501,
but often such paths may not be physically practical to establish. In a preferred embodiment
of this invention, the remote control device 390 facilitates the parameter transfer via a
store-and-forward relay technique. The operation of the devices 400, 500, 390 to effect the
parameter transfer is best explained with reference to the example flow diagram of FIG. 5. In
the foregoing description, transmissions from each device 400, 500, and 390 are via the
transmitter 390A within each device 400, 500, and 390, and receptions at each device 400,
500, and 390 are via the receiver 390B within each device 400, 500, and 390. The respective
controllers 430, 530, and 393 of the devices 400, 500, 390, effect the example flow of FIG. 5,
respectively.

At 910 of FIG. 5, the controller 393 of the remote control device 390 transmits
an alert message 911, 913 to each device 400, 500, respectively, to establish the network of
communications among the devices 400, 500, 390. Methods for communication among
different devices are common in the art and traditionally used for commonly available
"universal" remote controllers. In a preferred embodiment, the establishment of the network
at 910 may be initiated via an entry on the keypad 398, or via the receipt of a request (not
shown) from, for example, device A, signaling that it has content material to communicate to
device B, and requesting that the remote device 390 facilitate the parameter transfer required
to effect a key exchange between device A and device B.

Upon receipt of the alert 911, 913 the controllers 430, 520 of each device 400,
500 prepare for the key exchange, at 912, 914, respectively. Illustrated in the example of FIG.
5 is a key exchange based on the Diffie-Hellman key exchange technique. The application of
the principles of this invention to other key exchange techniques, or other parameter
exchange applications, will be evident to one of ordinary skill in the art in light of the
principles presented herein. Each device 400, 500 generates a large random number x, y via
their respective key parameter generators (440, 540 in FIG. 4). Techniques for generating or
selecting random numbers, or pseudo-random numbers, are common in the art. To effect the
Diffie-Hellman key exchange, the remote control device 390 transmits, at 930, a large prime
n, and a number g that is primitive mod n, to each device 400, 500, via messages 931, 933,
respectively. At 932, 934, each device computes the parameter X, Y that is to be transferred,
based on the "secret" random numbers x, y, respectively. In the example Diffie-Hellman key
exchange, X is equal to g^x mod n, and Y is equal to g^y mod n.

Based upon an agreed upon convention, or protocol, one of the devices
transmits its parameter first. In a preferred embodiment, the device having content material to
send, device A 400 in the illustrated example, transmits its parameter X 941 to the remote
device 390, at 942. As would be evident to one of ordinary skill in the art, any one of a
variety of protocols may be employed to effect this transmission. For example, the remote
device 390 may send a prompt to each device whenever it is ready to receive the parameter,
or the device 400, 500 may repeatedly send the parameter until the remote device 390 sends
an acknowledgment that it received the parameter, and so on. Because the encryption and
subsequent decryption of the content material is dependent upon an accurate communication
of the parameters X, Y, error checking and error correction techniques, common in the art,
are employed in a preferred embodiment. The parameter X 941 is received from the device A
400, at 940, and subsequently transmitted to device B 500, at 950. Device B receives the
parameter X 941, at 954, and transmits its parameter Y 963 to the remote control device 390,
at 964. The remote control device 390 receives the parameter Y 963, at 960, and, within the
locale of device A 400, transmits the parameter Y 963 to device A 400. Each device 400, 500
subsequently computes a key that is equal to g^(xy) mod n by raising the received parameter Y,
X to the power of the "secret" random number x, y, at 982, 984, respectively.

If the devices are in physically separate locales, the remote control device 390
transmits the alert 911, and parameters g, n 931 to device A 400 and receives the parameter X
941, at 940, and is then transported to the locale of device B 500. At the locale of device B
500, the control device 390 transmits the alert 913, the parameters g, n 933, and the
parameter X 941, at 950.
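
The FIG. 5 flow described above, with the remote control carried between two locales and the Diffie-Hellman arithmetic of FIG. 1, as an added example that is not part of the patent text. The frame layout, the CRC32 check, the range check on received parameters, the device addresses and the toy group (n = 2039, g = 7) are assumptions made for illustration, and the names Device, deliver and relay_exchange are hypothetical.

```python
import secrets
import zlib

# Constructed toy group so the run is instant: 2039 = 2*1019 + 1 is a safe
# prime and 7 is primitive mod 2039. Far too small for real use.
N, G = 2039, 7

def is_primitive_root(g, n):
    """For a safe prime n = 2q + 1, g is primitive iff g^2 != 1 and g^q != 1."""
    q = (n - 1) // 2
    return 1 < g < n - 1 and pow(g, 2, n) != 1 and pow(g, q, n) != 1

def make_packet(dest, name, value):
    """Hypothetical IR frame: destination address, field name, value, CRC32."""
    body = f"{dest}|{name}|{value}".encode()
    return body + b"|" + format(zlib.crc32(body), "08x").encode()

def read_packet(frame):
    """Return (dest, name, value), or None when the CRC does not match."""
    body, _, crc = frame.rpartition(b"|")
    if format(zlib.crc32(body), "08x").encode() != crc:
        return None
    dest, name, value = body.decode().split("|")
    return dest, name, int(value)

class Device:
    """Consumer device 400 or 500: the secret x or y never leaves it."""

    def __init__(self, addr):
        self.addr, self.key = addr, None

    def on_group(self, n, g):
        """Messages 931/933: check g (n assumed a safe prime), return X or Y."""
        if not is_primitive_root(g, n):
            raise ValueError("rejected group parameters")
        self.n = n
        # Secret in 2 .. q-1, so the public value is never 1 or n-1.
        self._secret = secrets.randbelow((n - 1) // 2 - 2) + 2
        return pow(g, self._secret, n)

    def on_peer_param(self, frame):
        """Steps 954/972 then 982/984. False means no acknowledgment is sent."""
        pkt = read_packet(frame)
        if pkt is None or pkt[0] != self.addr:
            return False
        if not 1 < pkt[2] < self.n - 1:  # 0, 1 and n-1 would fix the key
            return False
        self.key = pow(pkt[2], self._secret, self.n)
        return True

def deliver(device, name, value, channel):
    """Resend until acknowledged, one of the conventions the text allows."""
    attempts = 1
    while not device.on_peer_param(channel(make_packet(device.addr, name, value))):
        attempts += 1
    return attempts

def relay_exchange(dev_a, dev_b, channel=lambda frame: frame):
    """FIG. 5 with the remote carried between locales; returns what it held."""
    held = {"n": N, "g": G}
    held["X"] = dev_a.on_group(N, G)                   # locale A: 931, 941
    held["Y"] = dev_b.on_group(N, G)                   # locale B: 933
    sends = deliver(dev_b, "X", held["X"], channel)    # 950 -> 954
    sends += deliver(dev_a, "Y", held["Y"], channel)   # back at A: 960 -> 972
    return held, sends

def flaky_channel():
    """Constructed noisy link: flips one bit in the first frame only."""
    state = {"first": True}

    def channel(frame):
        if state["first"]:
            state["first"] = False
            return frame[:3] + bytes([frame[3] ^ 0x01]) + frame[4:]
        return frame
    return channel

if __name__ == "__main__":
    a, b = Device("400"), Device("500")
    held, sends = relay_exchange(a, b, flaky_channel())
    print("relay held:", held)
    print("frames sent:", sends, "| keys match:", a.key == b.key)
```

The dictionary returned by relay_exchange holds only n, g, X and Y, which is everything the relay stores and everything an eavesdropper on the infrared link would observe.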

Returning to FIG. 4, having exchanged parameters X, Y, the key parameter
generators 440, 540 provide the determined key K, K', each equal to g^(xy) mod n, to their
corresponding encryptor 420 and decryptor 520 devices, respectively. Each of the devices
400, 500, is illustrated as having an appliance function block 410, 510, respectively. These
blocks 410, 510 represent the convention functions provided by each device, such as the
receipt of content material by a set-top box, the recording and playback functions of a VCR,
the display and tuning functions of a television, and so on. Note that, in conventional use, the
appliance functions 410, 510 are controllable by the remote control device 390, and feedback
from the appliance functions 410, 510, or the controllers 430, 530, are provided to the remote
control device 390, via the transmitters 320A and receivers 320B of each device 400, 500,
390. Feedback messages are displayable on the display 395 of the remote control device 390,
and may include messages and prompts that are applicable to the above described parameter
exchange process or other related tasks.

When the device A 400 has content material M 411 to communicate securely
to device B 500, the material M 411 is encrypted by the encryptor 420 to provide an
encrypted material Ek(M) 421. The encrypted material Ek(M) 421 is subsequently
communicated to device B 500, via a wide-bandwidth communications channel 405. The
decryptor 520 decrypts the received encrypted material Ek(M)' 421' to produce a copy of the
content material M' 411' that is processable by the appliance function 510, for example, to
render a display of the content material M' 411' corresponding to the original material M 411.

The foregoing merely illustrates the principles of the invention. It will thus be
appreciated that those skilled in the art will be able to devise various arrangements which,
although not explicitly described or shown herein, embody the principles of the invention and
are thus within its spirit and scope. For example, the control flows illustrated in FIG. 5 may
be effected automatically, or via a sequence of operations communicated via the keypad 398
of the remote control device 390 in FIG. 4. The particular configurations and sequences of
the figures are presented for illustration purposes. The functions illustrated may be effected,
for example, in alternative devices. For example, the parameters g and n may be provided by
one of the devices 400, 500, rather than the remote device 390. In other systems, common in
the art, one or more of the parameters may be embedded in the devices 400, 500, obviating
the need for random number generators. If the parameters X and Y are embedded in the
device, certificates verifying the authenticity of these parameters may also be supplied. In
like manner, either of the devices 400, 500 may be configured to control the parameter
exchange, and the remote control may be configured as a relatively "unintelligent" relay
device. For example, the messages from the transmitters 320A may include conventional
communications packets having a destination address, and the remote device 390 may be
configured to merely receive the packet and retransmit it to the device associated with the
destination address. These and other system configuration and optimization features will be
evident to one of ordinary skill in the art in view of this disclosure, and are included within
the scope of the following claims.

1. A remote control device (390) that is configured to facilitate control of a
plurality of electronic devices (310, 330, 350, 360), comprising:

an input device (398) that is configured to accept a user input and provides
therefrom a control signal for control of a first device (400) of the plurality of electronic
devices, and

a receiver (320B) that is configured to receive a parameter (Y) from a second
device (500) of the plurality of electronic devices, and,

a transmitter (320A) that is configured to:

communicate the parameter (Y) from the second device (500) to the first
device (400), and,

communicate the control signal to the first device (400) to effect the control of
an appliance function of the first device (400).

2. The remote control device (390) of claim 1, wherein

the receiver (320B) is further configured to receive an other parameter (X)
from the first device (400), and

the transmitter (320A) is further configured to communicate the other
parameter (X) from the first device (400) to the second device (500).

3. The remote control device (390) of claim 2, further including

a controller (393) that effects the communication of the parameter (Y) and the
other parameter (X).

4. The remote control device (390) of claim 3, wherein

the controller (393) effects the communication of the parameter (Y) and the
other parameter (X) to establish a cryptographic key exchange.

5. The remote control device (390) of claim 4, wherein

the cryptographic key exchange corresponds to a Diffie-Hellman key
exchange.

6. An electronic device (500) comprising:

a transceiver (320) that is structured to receive control commands from a
remote control device (390),

an appliance apparatus (510) that effects a processing of input information in
dependence upon the control commands,

a parameter generator (540) that produces a parameter (Y) for communication
to an other device (400), and wherein,

the transceiver (320) is also structured to transmit the parameter (Y), thereby
effecting the communication of the parameter (Y) to the other device (400).

7. The electronic device (400) of claim 6, wherein

the transceiver (320) is also structured to receive an other parameter (X) that is
communicated from the other device (400).

8. The electronic device (500) of claim 7, wherein

the parameter generator (540) also produces
a cryptographic key (K') based on the other parameter (X) that is
communicated from the other device (400).

9. The electronic device (500) of claim 8, wherein the parameter generator (540)
produces the parameter (Y) and the cryptographic key (K') in accordance with a
Diffie-Hellman key exchange technique.

10. The electronic device (500) of claim 6, wherein the appliance apparatus (510)
includes at least one of: a set-top box, a tuner, a display device, a recording device, and a
playback device.

11. A method for effecting a parameter exchange between a first device (400) and
a second device (500), the first device (400) and the second device (500) each having a
transceiver (320) that communicates with a remote control device (390) to facilitate control
of the first device (400) and the second device (500) via the remote control device (390), the
method comprising:

transmitting (942) a first parameter (X) from the first device (400) via a
transmitter (320A) of the transceiver (320) of the first device (400), and

receiving (954) the first parameter (X) at the second device (500) via a
receiver (320B) of the transceiver (320) of the second device (500).

12. The method of claim 11, further including:

receiving (940) the first parameter (X) at the remote control device (390), and

transmitting (940) the first parameter (X) to the second device (500) from the
remote control device (390).

13. The method of claim 11, further including:

transmitting (964) a second parameter (Y) from the second device (500) via a
transmitter (320A) of the transceiver (320) of the second device (500), and

receiving (972) the second parameter (Y) at the first device (400) via a
receiver (320B) of the transceiver (320) of the first device (400).

14. The method of claim 13, further including:

receiving (960) the second parameter (Y) at the remote control device (390),
and

transmitting (960) the second parameter (Y) to the first device (400) from the
remote control device (390).

15. The method of claim 13, further including:

generating (982) a first cryptographic key (K) at the first device (400) based
on the second parameter (Y), and

generating (984) a second cryptographic key (K') at the second device (500)
based on the first parameter (X),

wherein the second cryptographic key (K') is suitable for a decryption of
material that is encrypted using the first cryptographic key (K).

16. The method of claim 15, wherein the first cryptographic key (K) and the
second cryptographic key (K') are substantially equal.

17. The method of claim 15, wherein the generating of the first and the second
cryptographic keys (K, K') is based on a Diffie-Hellman key-exchange technique.